One typical known individual authentication processing system performs authentication based on a key such as a password. FIG. 1 shows a processing sequence of a known authentication system for performing authentication by receiving a password at the time the processing on an information processing apparatus (for example, a PC) starts.
FIG. 1 shows time course in the abscissa axis and illustrates the processing performed in accordance with the flow of time. An authentication unit 101 performs the authentication processing. The authentication unit 101 is provided in the interior of an information processing apparatus used by unspecified users, such as a PC serving as a user terminal or an information terminal or financial terminal located in a public place, or a server connected with a network over which user input information can be transferred.
The authentication unit 101 stores a password corresponding to a pre-registered user in a storage unit and checks a password input from a user against the password stored in the storage unit. When the checking processing determines that the password input from the user agrees with the password stored in the storage unit, it is determined that the authentication is successful. If the two passwords disagree with each other, it is determined that the authentication is unsuccessful.
Only when the authentication is successful, the processing based on a user operation performed subsequent to the authentication is performed. The user operation is diverse, ranging from, for example, obtaining data from storage means in a PC having the authentication unit, updating data, drawing money from the financial terminal, and downloading data from the server through the network.
The processing sequence shown in FIG. 1 is such that, when the authentication is successful on the basis of the password input once, a series of subsequent processes is unconditionally performed. For example, a user of a PC is authenticated using a password prior to operating the PC, as shown in FIG. 1. The user who has been authenticated leaves the PC. When a different user operates the PC, the processing based on the operation is performed. As discussed above, the configuration dependent solely on authentication executed as the so-called log-in processing is disadvantageous in that, when an operation is subsequently performed by a different user, the operation cannot be distinguished from the processing by the authenticate user.
In order to remove such disadvantages, for example, there is a processing sequence shown in FIG. 2. Similar to FIG. 1, FIG. 2 shows time course in the abscissa axis and illustrates the processing performed in accordance with the flow of time. An authentication unit 201 performs the authentication processing. Similar to FIG. 1, the authentication unit 201 is provided in the interior of an information processing apparatus used by unspecified users, such as a PC serving as a user terminal or an information terminal or financial terminal located in a public space, or a server connected with a network over which user input information can be transferred.
The processing sequence shown in FIG. 2 performs the authentication processing every time the user operation is performed. When the authentication is successful once, only one operation immediately after the authentication is permitted. As discussed above, the authentication processing and operation permission are repetitively performed every time an operation is performed. Accordingly, unauthorized use by a different user, which is described with reference to FIG. 1, can be eliminated. However, the processing sequence of FIG. 2 requires the user to input a key such as a password every time the user performs an operation. As a result, the operation becomes complicated, and the processing efficiency is reduced.